cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alexandre Meyer (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (CXF-6652) can't sign SOAP header Signature "signature verification failed"
Date Fri, 23 Oct 2015 15:00:29 GMT

    [ https://issues.apache.org/jira/browse/CXF-6652?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14969332#comment-14969332
] 

Alexandre Meyer edited comment on CXF-6652 at 10/23/15 2:59 PM:
----------------------------------------------------------------

Ok, but I don't understand how it work, and I don't find sample to do this...
Il have:

{code:java}
ClientProxyFactoryBean factory = new JaxWsProxyFactoryBean();
factory.setServiceClass(Service.class);
factory.setAddress("https://...");
Service service = (Service) factory.create();

//And I want to active WS-SecurityPolicy
ClientProxy.getClient(service).getRequestContext().put(SecurityConstants.ENABLE_STREAMING_SECURITY,
"true"); //???
ClientProxy.getClient(service).getRequestContext().put(security.signature.properties,"file.properties");
...

service.doSomething()
{code}

But nothing append to SOAP message


was (Author: alexflex25):
Ok, but I don't understand how it work, and I don't find sample to do this...
Il have:

ClientProxyFactoryBean factory = new JaxWsProxyFactoryBean();
factory.setServiceClass(Service.class);
factory.setAddress("https://...");
Service service = (Service) factory.create();

//And I want to active WS-SecurityPolicy
ClientProxy.getClient(service).getRequestContext().put(SecurityConstants.ENABLE_STREAMING_SECURITY,
"true"); //???
ClientProxy.getClient(service).getRequestContext().put(security.signature.properties,"file.properties");
...

service.doSomething()

But nothing append to SOAP message

> can't sign SOAP header Signature "signature verification failed"
> ----------------------------------------------------------------
>
>                 Key: CXF-6652
>                 URL: https://issues.apache.org/jira/browse/CXF-6652
>             Project: CXF
>          Issue Type: Bug
>          Components: WS-* Components
>    Affects Versions: 3.1.3
>            Reporter: Alexandre Meyer
>
> When you configure Signature action:
> {code:java}
> Map<String, Object> outProps = new HashMap<String, Object>();
> outProps.put(WSHandlerConstants.ACTION,"Signature Encrypt Timestamp");
> //...
> {code}
> and SIGNATURE_PARTS
> {code:java}
> //...
> outProps.put(WSHandlerConstants.SIGNATURE_PARTS,
> 	"{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;
"
> 	+ "{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body; "
> 	+ "{Element}{http://schemas.xmlsoap.org/ws/2004/08/addressing}Action; "
> 	+ "{Element}{http://schemas.xmlsoap.org/ws/2004/08/addressing}To; "
> 	+ "{Element}{http://schemas.xmlsoap.org/ws/2004/08/addressing}ReplyTo; "
> 	+ "{Element}{http://schemas.xmlsoap.org/ws/2004/08/addressing}MessageID ");
> {code}
> All works fine but the Signature element does not have any reference.
> Result:
> {code:xml}
> <wsu:Timestamp wsu:Id="TS-1">
> 	<wsu:Created>2015-10-22T11:55:21.937Z</wsu:Created>
> 	<wsu:Expires>2015-10-22T12:00:21.937Z</wsu:Expires>
> </wsu:Timestamp>
> <Action ... wsu:Id="id-1">
> <MessageID ... wsu:Id="id-2">
> <To ... wsu:Id="id-3">
> <ReplyTo ... wsu:Id="id-4">
> 	<Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</Address>
> </ReplyTo>
> ....
> <ds:Signature ... Id="SIG-ed19886d-2f14-4595-a815-8544867deae4">
> 	<ds:SignedInfo>
> 		<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> 		<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
> 		<ds:Reference URI="#TS-1">
> 			<ds:Transforms>
> 				<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> 			</ds:Transforms>
> 			<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
> 			<ds:DigestValue>...</ds:DigestValue>
> 		</ds:Reference>
> 		<ds:Reference URI="#id-1">
> 			<ds:Transforms>
> 				<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> 			</ds:Transforms>
> 			<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
> 			<ds:DigestValue>...</ds:DigestValue>
> 		</ds:Reference>
> 		<ds:Reference URI="#id-2">
> 			<ds:Transforms>
> 				<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> 			</ds:Transforms>
> 			<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
> 			<ds:DigestValue>...</ds:DigestValue>
> 		</ds:Reference>
> 		<ds:Reference URI="#id-3">
> 			<ds:Transforms>
> 				<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> 			</ds:Transforms>
> 			<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
> 			<ds:DigestValue>...</ds:DigestValue>
> 		</ds:Reference>
> 		<ds:Reference URI="#id-4">
> 			<ds:Transforms>
> 				<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> 			</ds:Transforms>
> 			<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
> 			<ds:DigestValue>...</ds:DigestValue>
> 		</ds:Reference>
> 	</ds:SignedInfo>
> 	<ds:SignatureValue>.......</ds:SignatureValue>
> 	<ds:KeyInfo Id="KI-...">
> 		....
> 	</ds:KeyInfo>
> </ds:Signature>
> {code}
> But where is the reference to "SIG-ed19886d-2f14-4595-a815-8544867deae4"?



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message